There is almost no medium on the face of the earth as powerful as President Donald Trump’s Twitter account.
It’s where he attacks his many perceived enemies, announces foreign policy decisions, hell, it’s even where he fires people. It’s believable the president would do anything from his Twitter account. If Trump wanted to start a war, it wouldn’t be too shocking if we find out from Twitter.
So, it’s frankly scary — and darkly hilarious — that a hacker reportedly gained access to Trump’s personal Twitter account by simply guessing the password “maga2020!” The account reportedly didn’t even have two-factor authentication. That means all you needed to gain access to the account — say, if you were a bad actor — was that quite simple password.
A Twitter spokesperson, however, told Mashable that the company had “no evidence” to corroborate the claim of the alleged hack.
Victor Gevers, a 44-year-old “ethical hacker” and security expert, told the Dutch newspaper De Volkskrant that he could post tweets from the president’s account, access his DMs, and change his profile. Gevers shared screenshots with the Dutch magazine Vrij Nederland that apparently showed him inside the account. De Volkskrant reported that Dutch security experts found the claims credible.
“We’ve seen no evidence to corroborate this claim, including from the article published in the Netherlands today. We proactively implemented account security measures for a designated group of high-profile, election-related Twitter accounts in the United States, including federal branches of government,” a Twitter spokesperson said in an email to Mashable.
There’s no real way to independently confirm if the account was actually hacked. Mashable has reached out Gevers, the White House, and Trump’s campaign for comment and confirmation, but has not yet received responses.
Gevers told the Dutch newspaper de Volkskrant that he alerted the White House and the U.S. government about Trump’s account’s vulnerability, and that he was then contacted by the Secret Service.
This isn’t even the first time Gevers apparently gained access to Trump’s account. In 2016 he reportedly got in using the password “yourefired.” Really.
Gevers seemingly referenced the two hacks in a tweet on Thursday.
It started six years ago. And hopefully, it will be the last time in 2020. Please switch on two-factor authentication on all of your accounts. 🙏
— Victor Gevers (@0xDUDE) October 22, 2020
Gevers told Vrij Nederland that he ran though a few obvious passwords — “!IWillAmericaGreatAgain!, MakeAmericaGreatAgain, MakeAmericaGreatAgain!, Maga2020, Maga2020!” — before landing on “maga2020!” He hinted in the interview that he might’ve left breadcrumbs behind proving he accessed Trump’s account in an effort to get the White House to take security seriously.
Remember when President Trump shared rightwing satire from the Babylon Bee, seemingly unaware it was fake? That may have been Gevers’ doing.
Vrij Nederland noted that a now-deleted tweet from Gevers hinted that he retweeted the post. However, he was cagey about it in an interview.
“I am not saying I did it,” Gevers said to Vrij Nederland. “But what if I was the one to post the tweet? Then Trump will need to either admit to never having read the Babylon Bee article and posting this bullshit tweet, OR he will need to acknowledge that someone else posted the tweet.”
Gevers said he noticed that the day after the reported hack, Trump’s account finally had two-factor authentication.